<?php
include('includes/connection_settings.php');

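// Authorization gate: only users flagged as admin may use this page.
//
// NOTE(security): the caller's identity is read from the client-supplied
// "username" cookie. A cookie value is under the client's control, so this
// gate identifies the caller but does not authenticate them. It should be
// replaced by a lookup against server-side session state set at login; that
// mechanism is not visible from this file, so only the gate's logic is
// corrected here.
//
// Fixes relative to the previous loop:
//  - it rejected the request as soon as the FIRST admin row did not match, so
//    only the first admin returned by the query could ever pass;
//  - it let every request through when the query returned no rows or failed,
//    because the loop body never ran. The gate now fails closed.
$cookieUser = (isset($_COOKIE['username']) && is_string($_COOKIE['username'])) ? $_COOKIE['username'] : '';
$isAdmin = false;

if ($cookieUser !== '') {
 $table = mysql_query("SELECT username FROM users WHERE admin = true");

 // mysql_query() returns false on failure; treat that as "not an admin".
 if ($table !== false) {
  $adminCount = mysql_num_rows($table);
  for ($i = 0; $i < $adminCount; $i++) {
   // Strict comparison avoids PHP's loose numeric-string matching.
   if ($cookieUser === (string) mysql_result($table, $i, 0)) {
    $isAdmin = true;
    break;
   }
  }
 }
}

if (!$isAdmin) {
 echo "noAdmin";
 exit;
}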

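//If first time: no action was requested, so render the admin overview.
//
// NOTE(security): the links below call admin(), which is not defined in this
// file, and the actions are handled by the GET branches of this script.
// State-changing requests should be POSTs carrying an anti-CSRF token; that
// needs a change on the client side as well and is therefore only flagged.
//
// Output escaping assumes the page and the stored names are UTF-8 - TODO
// confirm; with another charset htmlspecialchars()/json_encode() may return an
// empty value for non-ASCII names.
if (!isset($_GET['f'])) {

 echo "<h1>Admin</h1>";

 echo "<h1>Modification of the users</h1>";

 //User remove
 $table = mysql_query("SELECT username FROM users ORDER BY username ASC");

 // mysql_query() signals failure with false; isset() is true for false, so
 // the previous isset() test could never detect a failed query.
 if ($table === false) {
  echo "<h1>Can't choose data from the table!</h1><p>" . htmlspecialchars(mysql_error($connection), ENT_QUOTES, 'UTF-8') . "</p>";
  exit;
 }

 // Count rows instead of probing row 0, which warns on an empty result and
 // treats a falsy first value such as "0" as "no rows".
 $userCount = mysql_num_rows($table);

 if ($userCount === 0) {
  echo "<p>No users!</p>";
 }

 else {

  echo "<p>Modify the wanted user on the following list:</p>";

  for ($i = 0; $i < $userCount; $i++) {
   $name = (string) mysql_result($table, $i, 0);

   // HTML text context.
   $nameHtml = htmlspecialchars($name, ENT_QUOTES, 'UTF-8');

   // JavaScript string inside an HTML attribute: encode as a JS literal
   // first, then escape that literal for the attribute.
   $nameJson = json_encode($name, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
   if (!is_string($nameJson)) {
    $nameJson = '""';
   }
   $nameJs = htmlspecialchars($nameJson, ENT_QUOTES, 'UTF-8');

   echo "<p>" . $nameHtml
    . " <span class='likeLink' onClick='admin(&quot;removeUser&quot;, " . $nameJs . ")'>Remove</span>"
    . " <span class='likeLink' onClick='admin(&quot;userToAdmin&quot;, " . $nameJs . ")'>Mark as admin</span></p>";
  }
 }

 echo "<h1>Remove dictionaries:</h1>";

 //Links to the dictionaries
 $table = mysql_query("SELECT dictionary FROM words GROUP BY dictionary ASC");
 if ($table === false) {
  echo "<h1>Can't choose data from the table!</h1><p>" . htmlspecialchars(mysql_error($connection), ENT_QUOTES, 'UTF-8') . "</p>";
  exit;
 }

 $dictionaryCount = mysql_num_rows($table);

 if ($dictionaryCount === 0) {
  echo "<p>No dictionaries!</p>";
 }

 else {
  echo "<p>Remove the wanted dictionary on the following list:</p>";

  for ($i = 0; $i < $dictionaryCount; $i++) {
   $dictionary = (string) mysql_result($table, $i, 0);

   $dictionaryHtml = htmlspecialchars($dictionary, ENT_QUOTES, 'UTF-8');

   $dictionaryJson = json_encode($dictionary, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
   if (!is_string($dictionaryJson)) {
    $dictionaryJson = '""';
   }
   $dictionaryJs = htmlspecialchars($dictionaryJson, ENT_QUOTES, 'UTF-8');

   echo "<p><span class='likeLink' onClick='admin(&quot;removeDictionary&quot;, " . $dictionaryJs . ")'>" . $dictionaryHtml . "</span></p>";
  }
 }
}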

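//User remove: deletes the user row and the per-user columns.
//
// NOTE(security): this branch changes state on a GET request and checks no
// anti-CSRF token; it should become a POST with a token (flagged only, the
// caller is outside this file).
// Prepared statements (mysqli/PDO) are the durable fix for the queries below;
// the file is still on ext/mysql, so escaping per context is used instead.
elseif ($_GET['f'] === "removeUser") {

 // Reject a missing or non-string parameter instead of interpolating it.
 if (!isset($_GET['user']) || !is_string($_GET['user'])) {
  echo "<h1>Can't remove the user!</h1><p>No user given</p>";
  exit;
 }

 //Strips " and ' marks
 // Kept so the value is normalised exactly as before. It is not a defence:
 // it leaves backslashes in place and does nothing for the column names
 // below, which are not inside a string literal at all.
 $bannedMarks = array("\"", "'");
 $user = str_replace($bannedMarks, "", $_GET['user']);

 if ($user === '') {
  echo "<h1>Can't remove the user!</h1><p>No user given</p>";
  exit;
 }

 // String-literal context: escape for the current connection.
 $userValue = mysql_real_escape_string($user);
 if ($userValue === false) {
  echo "<h1>Can't remove the user!</h1><p>" . htmlspecialchars(mysql_error($connection), ENT_QUOTES, 'UTF-8') . "</p>";
  exit;
 }

 // Identifier context: quote with backticks and double any embedded backtick
 // (MySQL's identifier-quoting rule). String escaping does not apply here.
 $userIdent = str_replace("`", "``", $user);

 // mysql_error() can echo parts of the statement, so it is HTML-escaped.
 if (!mysql_query("DELETE FROM users WHERE username = '{$userValue}'")) {
  echo "<h1>Can't remove the user!</h1><p>" . htmlspecialchars(mysql_error($connection), ENT_QUOTES, 'UTF-8') . "</p>";
  exit;
 }

 if (!mysql_query("ALTER TABLE words DROP COLUMN `points_{$userIdent}`")) {
  echo "<h1>Can't remove the user!</h1><p>" . htmlspecialchars(mysql_error($connection), ENT_QUOTES, 'UTF-8') . "</p>";
  exit;
 }

 if (!mysql_query("ALTER TABLE choices DROP COLUMN `{$userIdent}`")) {
  echo "<h1>Can't remove the user!</h1><p>" . htmlspecialchars(mysql_error($connection), ENT_QUOTES, 'UTF-8') . "</p>";
  exit;
 }

 echo "<p>User removed</p>";
}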

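//If admin rights are granted: sets the admin flag on the named user.
//
// NOTE(security): this is a privilege grant triggered by a GET request with no
// anti-CSRF token; it should become a POST with a token (flagged only, the
// caller is outside this file).
// Prepared statements (mysqli/PDO) are the durable fix for the query below;
// the file is still on ext/mysql, so escaping is used instead.
elseif ($_GET['f'] === "userToAdmin") {

 // Reject a missing or non-string parameter instead of interpolating it.
 if (!isset($_GET['user']) || !is_string($_GET['user'])) {
  echo "<h1>Can't mark the user as a admin!</h1><p>No user given</p>";
  exit;
 }

 //Strips " and ' marks
 // Kept so the value is normalised exactly as before; it is not a defence,
 // since it leaves backslashes in place.
 $bannedMarks = array("\"", "'");
 $user = str_replace($bannedMarks, "", $_GET['user']);

 if ($user === '') {
  echo "<h1>Can't mark the user as a admin!</h1><p>No user given</p>";
  exit;
 }

 // String-literal context: escape for the current connection.
 $userValue = mysql_real_escape_string($user);
 if ($userValue === false) {
  echo "<h1>Can't mark the user as a admin!</h1><p>" . htmlspecialchars(mysql_error($connection), ENT_QUOTES, 'UTF-8') . "</p>";
  exit;
 }

 // mysql_error() can echo parts of the statement, so it is HTML-escaped.
 if (!mysql_query("UPDATE users SET admin = true WHERE username = '{$userValue}'")) {
  echo "<h1>Can't mark the user as a admin!</h1><p>" . htmlspecialchars(mysql_error($connection), ENT_QUOTES, 'UTF-8') . "</p>";
  exit;
 }
 echo "<p>User marked as admin</p>";
}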

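//If a dictionary is removed: deletes its rows from words and choices.
//
// NOTE(security): this branch deletes data on a GET request and checks no
// anti-CSRF token; it should become a POST with a token (flagged only, the
// caller is outside this file).
// Prepared statements (mysqli/PDO) are the durable fix for the queries below;
// the file is still on ext/mysql, so escaping is used instead.
elseif ($_GET['f'] === "removeDictionary") {

 // Reject a missing or non-string parameter instead of interpolating it.
 if (!isset($_GET['dictionary']) || !is_string($_GET['dictionary'])) {
  echo "<h1>Can't remove the dictionary!</h1><p>No dictionary given</p>";
  exit;
 }

 //Strips " and ' marks
 // Kept so the value is normalised exactly as before; it is not a defence,
 // since it leaves backslashes in place.
 $bannedMarks = array("\"", "'");
 $dictionary = str_replace($bannedMarks, "", $_GET['dictionary']);

 // String-literal context: escape for the current connection.
 $dictionaryValue = mysql_real_escape_string($dictionary);
 if ($dictionaryValue === false) {
  echo "<h1>Can't remove the dictionary!</h1><p>" . htmlspecialchars(mysql_error($connection), ENT_QUOTES, 'UTF-8') . "</p>";
  exit;
 }

 //Out of the words table
 // mysql_error() can echo parts of the statement, so it is HTML-escaped.
 if (!mysql_query("DELETE FROM words WHERE dictionary = '{$dictionaryValue}'")) {
  echo "<h1>Can't remove the dictionary!</h1><p>" . htmlspecialchars(mysql_error($connection), ENT_QUOTES, 'UTF-8') . "</p>";
  exit;
 }

 //Out of the choices table
 if (!mysql_query("DELETE FROM choices WHERE dictionary = '{$dictionaryValue}'")) {
  echo "<h1>Can't remove the dictionary!</h1><p>" . htmlspecialchars(mysql_error($connection), ENT_QUOTES, 'UTF-8') . "</p>";
  exit;
 }

 echo "<p>Dictionary removed</p>";
}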

?>